Consumers who have been using the Internet for over a decade will remember a platform by the name of Geocities. This platform was quite popular in the early days of consumer internet adoption. It allowed anyone to host a website for free and proved to be quite powerful. A new type of malware, which goes by the name of Baijiu, used the Geocities web service to deceive victims.
Internet Criminals Have Not Forgotten About Geocities
It is quite interesting to see how new technology and old internet services can be combined to create a powerful malware strain. The Baijiu malware has caught the attention of security researchers this week. Not only does it use the Geocities web service, but it also tries to target people who show an increased interest in North Korea. That latter part is quite interesting, to say the least.
To be more specific, there is a big crisis taking place in North Korea, and there is global concern regarding the humanitarian situation in the country. For those who are unaware, North Korea was hit by a major typhoon last year, and humanitarian help has been underway ever since. However, the government does not reveal much information regarding these efforts.
People who show an interest in this situation are now targeted by this new type of malware. Victims are tricked into clicking a malicious file hosted on a Geocities website, which promises to tell them more about how the humanitarian situation is unfolding. It is an interesting play by cybercriminals, that much is certain.
As one would expect, this malware is mainly designed to infect computers with espionage tools. This allows the criminals to steal data from their victims, although it is unclear what exactly the criminals are after. In most cases, criminals look to extract information related to financial problems and logins for other online services.
Baijiu sets itself apart from other malware through some other features as well. Unlike most current types of malware, Baijiu has proven to be quite a complex piece of work. Rather than using a more traditional phishing attack, its developers are actively targeting a specific group of users. Moreover, the malware hides for as long as possible, making detection nearly impossible.
The use of Geocities to spread this malware is what stands out to most technology enthusiasts, though. Yahoo still owns this web hosting service, and Geocities is still free to use. Moreover, it provides high bandwidth and does not require users to go through a thorough signup process. This makes it rather appealing to cybercriminals, and it is not unlikely that more criminals will use this platform for future attacks.